By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,474 Members | 1,270 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,474 IT Pros & Developers. It's quick & easy.

changing password in php

P: 6
i have a code in php that changes password. it runs smoothly no errors, but the question is it does not update the passoord on the database??

here is the form $s is the session ID

Expand|Select|Wrap|Line Numbers
  1. <?php echo"
  2. <form action = \"chpw.php?d='$s'\" method = 'POST'>
  3. NEW PASSWORD: <input type='text' name='pass'>
  4. <br/>
  5. <input type='submit' value='Submit Password'><br/>
  6. </form>"; ?>
  7.  

here is the script that updates

Expand|Select|Wrap|Line Numbers
  1. <?php
  2.  
  3. //$password = md5($_POST['pass']);
  4. //$s=$_GET['d'];
  5. //$s=$_POST['id'];
  6.  
  7. if(md5($_POST['pass'])== ''){
  8. echo ('invalid password');
  9. }else
  10. $sql="UPDATE account SET Password='".md5($_POST['pass'])."' WHERE StudId='".$_GET['d']."'";
  11. $result=mysql_query($sql);
  12.     if (!$result)
  13.         die('Error: ' . mysql_error());
  14.  
  15. echo "Password Changed Successfully!<br><br>\n";
  16. header('location: pwlogout.php');
  17. exit();
  18.  
  19. ?>
  20.  
  21.  
i have tried anything and still to no avail please help thank you
Apr 4 '10 #1

✓ answered by chathura86

im not sure what you meant by

here is the form $s is the session ID
is it the PHP session id? if so you are using the php session id as the
StudId. so probably that is not right.

and it is not ok and (not useful) to echo something before the header()
so remove the header()
Expand|Select|Wrap|Line Numbers
  1. echo "Password Changed Successfully!<br><br>\n";
  2. header('location: pwlogout.php');
  3. exit();
  4.  
and your if condition is not properly written

do not check the md5 converted string is empty because it will never be.

and the else condition is not well planned. use { (curly braces) properly



anyway please edit you script in the following way

Expand|Select|Wrap|Line Numbers
  1. <?php
  2.  
  3. //$password = md5($_POST['pass']);
  4. //$s=$_GET['d'];
  5. //$s=$_POST['id'];
  6.  
  7. if($_POST['pass']== '')
  8. {
  9.     echo ('invalid password');
  10. }
  11. else
  12. {
  13.     $sql="UPDATE account SET Password='".md5($_POST['pass'])."' WHERE StudId='".$_GET['d']."'";
  14.  
  15.     echo $sql;
  16.  
  17.     $result=mysql_query($sql);
  18.     if (!$result)
  19.         die('Error: ' . mysql_error());
  20.  
  21.     echo "Password Changed Successfully!<br><br>\n";
  22.     //header('location: pwlogout.php');
  23.     exit();
  24. }
  25. ?>
  26.  
and check the sql which was generated, see if all the variables are
replaced properly and the way you wanted

paste the result here if you can so i can analyse it.

Regards
Chathura Bamunusinghe

Share this Question
Share on Google+
2 Replies


chathura86
100+
P: 227
im not sure what you meant by

here is the form $s is the session ID
is it the PHP session id? if so you are using the php session id as the
StudId. so probably that is not right.

and it is not ok and (not useful) to echo something before the header()
so remove the header()
Expand|Select|Wrap|Line Numbers
  1. echo "Password Changed Successfully!<br><br>\n";
  2. header('location: pwlogout.php');
  3. exit();
  4.  
and your if condition is not properly written

do not check the md5 converted string is empty because it will never be.

and the else condition is not well planned. use { (curly braces) properly



anyway please edit you script in the following way

Expand|Select|Wrap|Line Numbers
  1. <?php
  2.  
  3. //$password = md5($_POST['pass']);
  4. //$s=$_GET['d'];
  5. //$s=$_POST['id'];
  6.  
  7. if($_POST['pass']== '')
  8. {
  9.     echo ('invalid password');
  10. }
  11. else
  12. {
  13.     $sql="UPDATE account SET Password='".md5($_POST['pass'])."' WHERE StudId='".$_GET['d']."'";
  14.  
  15.     echo $sql;
  16.  
  17.     $result=mysql_query($sql);
  18.     if (!$result)
  19.         die('Error: ' . mysql_error());
  20.  
  21.     echo "Password Changed Successfully!<br><br>\n";
  22.     //header('location: pwlogout.php');
  23.     exit();
  24. }
  25. ?>
  26.  
and check the sql which was generated, see if all the variables are
replaced properly and the way you wanted

paste the result here if you can so i can analyse it.

Regards
Chathura Bamunusinghe
Apr 4 '10 #2

P: 6
Your right i should not use the session[member_if] thanks by the way you did a pretty good help. More power
Apr 6 '10 #3

Post your reply

Sign in to post your reply or Sign up for a free account.